Gastón Fournier
53275966a9
chore: update node-version file ( #3562 )
...
## About the changes
There are a few version managers for node.js respecting .node-version
file so it makes sense to also update it
---------
Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai>
2023-04-21 09:25:10 +02:00
renovate[bot]
7578bf31ee
chore(deps): update node.js to v14.21.3 ( #3223 )
...
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg )](https://renovatebot.com )
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [node](https://togithub.com/nodejs/node ) | patch | `14.21.2` ->
`14.21.3` |
---
### Release Notes
<details>
<summary>nodejs/node</summary>
###
[`v14.21.3`](https://togithub.com/nodejs/node/releases/tag/v14.21.3 ):
2023-02-16, Version 14.21.3 'Fermium' (LTS),
@​richardlau
[Compare
Source](https://togithub.com/nodejs/node/compare/v14.21.2...v14.21.3 )
This is a security release.
##### Notable Changes
The following CVEs are fixed in this release:
-
**[CVE-2023-23918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23918 )**:
Node.js Permissions policies can be bypassed via process.mainModule
(High)
-
**[CVE-2023-23920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920 )**:
Node.js insecure loading of ICU data through ICU_DATA environment
variable (Low)
More detailed information on each of the vulnerabilities can be found in
[February 2023 Security
Releases](https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/ )
blog post.
This security release includes OpenSSL security updates as outlined in
the recent
[OpenSSL security
advisory](https://www.openssl.org/news/secadv/20230207.txt ).
This security release also includes an npm update for Node.js 14 to
address a number
of CVEs which either do not affect Node.js or are low severity in the
context of Node.js. You
can get more details for the individual CVEs in
[nodejs-dependency-vuln-assessments](https://togithub.com/nodejs/nodejs-dependency-vuln-assessments ).
##### Commits
- \[[`97a0443f13`](https://togithub.com/nodejs/node/commit/97a0443f13 )]
- **build**: build ICU with ICU_NO_USER_DATA_OVERRIDE (RafaelGSS)
[nodejs-private/node-private#​374](https://togithub.com/nodejs-private/node-private/pull/374 )
- \[[`9e6221529b`](https://togithub.com/nodejs/node/commit/9e6221529b )]
- **deps**: cherry-pick Windows ARM64 fix for openssl (Richard Lau)
[#​46566](https://togithub.com/nodejs/node/pull/46566 )
- \[[`0d5f86451d`](https://togithub.com/nodejs/node/commit/0d5f86451d )]
- **deps**: update archs files for OpenSSL-1.1.1t (RafaelGSS)
[#​46566](https://togithub.com/nodejs/node/pull/46566 )
- \[[`8c11d17b40`](https://togithub.com/nodejs/node/commit/8c11d17b40 )]
- **deps**: upgrade openssl sources to 1.1.1t (RafaelGSS)
[#​46566](https://togithub.com/nodejs/node/pull/46566 )
- \[[`224e93c9ef`](https://togithub.com/nodejs/node/commit/224e93c9ef )]
- **deps**: upgrade npm to 6.14.18 (Ruy Adorno)
[#​45936](https://togithub.com/nodejs/node/pull/45936 )
- \[[`d73ea4de13`](https://togithub.com/nodejs/node/commit/d73ea4de13 )]
- **doc**: clarify release notes for Node.js 14.21.2 (Richard Lau)
[#​45846](https://togithub.com/nodejs/node/pull/45846 )
- \[[`f7892c16be`](https://togithub.com/nodejs/node/commit/f7892c16be )]
- **lib**: makeRequireFunction patch when experimental policy
(RafaelGSS)
[nodejs-private/node-private#​358](https://togithub.com/nodejs-private/node-private/pull/358 )
- \[[`fa115ee8ac`](https://togithub.com/nodejs/node/commit/fa115ee8ac )]
- **module**: protect against prototype mutation (Antoine du Hamel)
[#​44007](https://togithub.com/nodejs/node/pull/44007 )
- \[[`83975b7fb4`](https://togithub.com/nodejs/node/commit/83975b7fb4 )]
- **policy**: makeRequireFunction on mainModule.require (RafaelGSS)
[nodejs-private/node-private#​358](https://togithub.com/nodejs-private/node-private/pull/358 )
- \[[`a5f8798d7a`](https://togithub.com/nodejs/node/commit/a5f8798d7a )]
- **test**: avoid left behind child processes (Richard Lau)
[#​46276](https://togithub.com/nodejs/node/pull/46276 )
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/Unleash/unleash ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xNTMuMiIsInVwZGF0ZWRJblZlciI6IjM0LjE1My4yIn0=-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-01 18:18:31 +00:00
renovate[bot]
c33ed29481
chore(deps): update node.js to v14.21.2 ( #2750 )
...
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg )](https://renovatebot.com )
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [node](https://togithub.com/nodejs/node ) | patch | `14.21.1` ->
`14.21.2` |
---
### Release Notes
<details>
<summary>nodejs/node</summary>
###
[`v14.21.2`](https://togithub.com/nodejs/node/releases/tag/v14.21.2 ):
2022-12-13, Version 14.21.2 'Fermium' (LTS),
@​richardlau
[Compare
Source](https://togithub.com/nodejs/node/compare/v14.21.1...v14.21.2 )
##### Notable Changes
##### OpenSSL 1.1.1s
This update is a bugfix release and does not address any security
vulnerabilities.
##### Root certificates updated to NSS 3.85
Certificates added:
- Autoridad de Certificacion Firmaprofesional CIF
[`A626340`](https://togithub.com/nodejs/node/commit/A62634068 )
- Certainly Root E1
- Certainly Root R1
- D-TRUST BR Root CA 1 2020
- D-TRUST EV Root CA 1 2020
- DigiCert TLS ECC P384 Root G5
- DigiCert TLS RSA4096 Root G5
- E-Tugra Global Root CA ECC v3
- E-Tugra Global Root CA RSA v3
- HiPKI Root CA - G1
- ISRG Root X2
- Security Communication ECC RootCA1
- Security Communication RootCA3
- Telia Root CA v2
- vTrus ECC Root CA
- vTrus Root CA
Certificates removed:
- Cybertrust Global Root
- DST Root CA X3
- GlobalSign Root CA - R2
- Hellenic Academic and Research Institutions RootCA 2011
##### Time zone update to 2022f
Time zone data has been updated to 2022f. This includes changes to
Daylight
Savings Time (DST) for Fiji and Mexico. For more information, see
<https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html >.
##### Commits
- \[[`436a596e99`](https://togithub.com/nodejs/node/commit/436a596e99 )]
- **crypto**: update root certificates (Luigi Pinca)
[#​45490](https://togithub.com/nodejs/node/pull/45490 )
- \[[`4b422d34af`](https://togithub.com/nodejs/node/commit/4b422d34af )]
- **deps**: V8: cherry-pick
[`d2db7fa`](https://togithub.com/nodejs/node/commit/d2db7fa7f786 )
(Richard Lau)
[#​45785](https://togithub.com/nodejs/node/pull/45785 )
- \[[`625f4bf3a9`](https://togithub.com/nodejs/node/commit/625f4bf3a9 )]
- **deps**: update corepack to 0.15.1 (Node.js GitHub Bot)
[#​45331](https://togithub.com/nodejs/node/pull/45331 )
- \[[`48a9810de8`](https://togithub.com/nodejs/node/commit/48a9810de8 )]
- **deps**: update corepack to 0.15.0 (Node.js GitHub Bot)
[#​45235](https://togithub.com/nodejs/node/pull/45235 )
- \[[`9f4e64b603`](https://togithub.com/nodejs/node/commit/9f4e64b603 )]
- **deps**: update timezone to 2022f (Richard Lau)
[#​45521](https://togithub.com/nodejs/node/pull/45521 )
- \[[`f297b6bd21`](https://togithub.com/nodejs/node/commit/f297b6bd21 )]
- **deps**: update archs files for OpenSSL-1.1.1s (RafaelGSS)
[#​45272](https://togithub.com/nodejs/node/pull/45272 )
- \[[`11629fef15`](https://togithub.com/nodejs/node/commit/11629fef15 )]
- **deps**: upgrade openssl sources to 1.1.1s (RafaelGSS)
[#​45272](https://togithub.com/nodejs/node/pull/45272 )
- \[[`c3a90c4b44`](https://togithub.com/nodejs/node/commit/c3a90c4b44 )]
- **http2**: fix memory leak when nghttp2 hd threshold is reached
(rogertyang)
[#​41502](https://togithub.com/nodejs/node/pull/41502 )
- \[[`785dc3efee`](https://togithub.com/nodejs/node/commit/785dc3efee )]
- **module**: cjs-module-lexer WebAssembly fallback (Guy Bedford)
[#​43612](https://togithub.com/nodejs/node/pull/43612 )
- \[[`2dbeb889f6`](https://togithub.com/nodejs/node/commit/2dbeb889f6 )]
- **node-api**: handle no support for external buffers (Michael Dawson)
[#​45181](https://togithub.com/nodejs/node/pull/45181 )
- \[[`5b2ea124f3`](https://togithub.com/nodejs/node/commit/5b2ea124f3 )]
- **test**: add test to validate changelogs for releases (Richard Lau)
[#​45325](https://togithub.com/nodejs/node/pull/45325 )
- \[[`f13f889956`](https://togithub.com/nodejs/node/commit/f13f889956 )]
- **test**: add a test to ensure the correctness of timezone upgrades
(Darshan Sen)
[#​45299](https://togithub.com/nodejs/node/pull/45299 )
- \[[`5608e6fa72`](https://togithub.com/nodejs/node/commit/5608e6fa72 )]
- **tools**: update certdata.txt (Luigi Pinca)
[#​45490](https://togithub.com/nodejs/node/pull/45490 )
- \[[`d6f1d7107b`](https://togithub.com/nodejs/node/commit/d6f1d7107b )]
- **tools**: have test-asan use ubuntu-20.04 (Filip Skokan)
[#​45581](https://togithub.com/nodejs/node/pull/45581 )
- \[[`370a00f737`](https://togithub.com/nodejs/node/commit/370a00f737 )]
- **tools**: make license-builder.sh comply with shellcheck 0.8.0 (Rich
Trott) [#​41258](https://togithub.com/nodejs/node/pull/41258 )
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/Unleash/unleash ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC43My4zIiwidXBkYXRlZEluVmVyIjoiMzQuNzMuMyJ9-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-27 18:50:28 +00:00
renovate[bot]
cbfeedf489
chore(deps): update node.js to v14.21.1 ( #2385 )
...
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg )](https://renovatebot.com )
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [node](https://togithub.com/nodejs/node ) | minor | `14.20` -> `14.21`
|
| [node](https://togithub.com/nodejs/node ) | minor | `14.20.1` ->
`14.21.1` |
---
### Release Notes
<details>
<summary>nodejs/node</summary>
###
[`v14.21.1`](https://togithub.com/nodejs/node/releases/tag/v14.21.1 ):
2022-11-04, Version 14.21.1 'Fermium' (LTS),
@​BethGriggs
[Compare
Source](https://togithub.com/nodejs/node/compare/v14.21.0...v14.21.1 )
This is a security release.
##### Notable changes
The following CVEs are fixed in this release:
-
**[CVE-2022-43548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548 )**:
DNS rebinding in --inspect via invalid octal IP address (Medium)
More detailed information on each of the vulnerabilities can be found in
[November 2022 Security
Releases](https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/ )
blog post.
##### Commits
- \[[`2b433af094`](https://togithub.com/nodejs/node/commit/2b433af094 )]
- **inspector**: harden IP address validation again (Tobias Nießen)
[nodejs-private/node-private#​354](https://togithub.com/nodejs-private/node-private/pull/354 )
###
[`v14.21.0`](https://togithub.com/nodejs/node/releases/tag/v14.21.0 ):
2022-11-01, Version 14.21.0 'Fermium' (LTS),
@​danielleadams
[Compare
Source](https://togithub.com/nodejs/node/compare/v14.20.1...v14.21.0 )
##### Notable changes
- **deps**:
- update corepack to 0.14.2 (Node.js GitHub Bot)
[#​44775](https://togithub.com/nodejs/node/pull/44775 )
- **src**:
- add --openssl-shared-config option (Daniel Bevenius)
[#​43124](https://togithub.com/nodejs/node/pull/43124 )
##### Commits
- \[[`773f587912`](https://togithub.com/nodejs/node/commit/773f587912 )]
- **deps**: cherry-pick
[libuv/libuv@`3a7b955`](https://togithub.com/libuv/libuv/commit/3a7b955 )
(Ben Noordhuis)
[#​43950](https://togithub.com/nodejs/node/pull/43950 )
- \[[`a1dea66956`](https://togithub.com/nodejs/node/commit/a1dea66956 )]
- **deps**: cherry-pick
[libuv/libuv@`abb109f`](https://togithub.com/libuv/libuv/commit/abb109f )
(Ben Noordhuis)
[#​43950](https://togithub.com/nodejs/node/pull/43950 )
- \[[`98c49d81f5`](https://togithub.com/nodejs/node/commit/98c49d81f5 )]
- **deps**: update corepack to 0.14.2 (Node.js GitHub Bot)
[#​44775](https://togithub.com/nodejs/node/pull/44775 )
- \[[`18c43c8518`](https://togithub.com/nodejs/node/commit/18c43c8518 )]
- **deps**: update timezone to tz2022e (Richard Lau)
[#​45094](https://togithub.com/nodejs/node/pull/45094 )
- \[[`a1f8e4db48`](https://togithub.com/nodejs/node/commit/a1f8e4db48 )]
- **deps**: update corepack to 0.14.1 (Node.js GitHub Bot)
[#​44704](https://togithub.com/nodejs/node/pull/44704 )
- \[[`e55389ca86`](https://togithub.com/nodejs/node/commit/e55389ca86 )]
- **deps**: update corepack to 0.14.0 (Node.js GitHub Bot)
[#​44509](https://togithub.com/nodejs/node/pull/44509 )
- \[[`0227462418`](https://togithub.com/nodejs/node/commit/0227462418 )]
- **deps**: update corepack to 0.13.0 (Node.js GitHub Bot)
[#​44318](https://togithub.com/nodejs/node/pull/44318 )
- \[[`ee24c320ea`](https://togithub.com/nodejs/node/commit/ee24c320ea )]
- **deps**: update corepack to 0.12.3 (Node.js GitHub Bot)
[#​44229](https://togithub.com/nodejs/node/pull/44229 )
- \[[`28e9891449`](https://togithub.com/nodejs/node/commit/28e9891449 )]
- **deps**: update corepack to 0.12.2 (Node.js GitHub Bot)
[#​44159](https://togithub.com/nodejs/node/pull/44159 )
- \[[`b6972c9df2`](https://togithub.com/nodejs/node/commit/b6972c9df2 )]
- **deps**: update corepack to 0.12.1 (Node.js GitHub Bot)
[#​43965](https://togithub.com/nodejs/node/pull/43965 )
- \[[`9d6cb3b5f1`](https://togithub.com/nodejs/node/commit/9d6cb3b5f1 )]
- **deps**: update corepack to 0.12.0 (Node.js GitHub Bot)
[#​43748](https://togithub.com/nodejs/node/pull/43748 )
- \[[`fa6c276b4f`](https://togithub.com/nodejs/node/commit/fa6c276b4f )]
- **deps**: update Corepack to 0.11.2 (Maël Nison)
[#​43402](https://togithub.com/nodejs/node/pull/43402 )
- \[[`4f83d75626`](https://togithub.com/nodejs/node/commit/4f83d75626 )]
- **(SEMVER-MAJOR)** **src,doc,test**: add --openssl-shared-config
option (Daniel Bevenius)
[#​43124](https://togithub.com/nodejs/node/pull/43124 )
- \[[`9487028043`](https://togithub.com/nodejs/node/commit/9487028043 )]
- **test**: fix intl tests on small-icu builds (Antoine du Hamel)
[#​41939](https://togithub.com/nodejs/node/pull/41939 )
- \[[`a1d52097f8`](https://togithub.com/nodejs/node/commit/a1d52097f8 )]
- **tools**: add more options to track flaky tests (Antoine du Hamel)
[#​43954](https://togithub.com/nodejs/node/pull/43954 )
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/Unleash/unleash ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xOS4wIiwidXBkYXRlZEluVmVyIjoiMzQuMTkuMCJ9-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-10 15:58:42 +01:00
renovate[bot]
89a9695100
chore(deps): update node.js to v14.20.1 ( #2158 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-10 02:18:14 +00:00
renovate[bot]
4981d0584e
chore(deps): update node.js to v14.20.0
2022-07-11 21:55:21 +00:00
Renovate Bot
00cc6c8258
chore(deps): update node.js to v14.19.3
2022-05-17 21:56:07 +00:00
Renovate Bot
2f7ffd19ce
chore(deps): update node.js to v14.19.2
2022-05-04 23:38:22 +00:00
Renovate Bot
27bb634659
chore(deps): update node.js to v14.19.1
2022-03-18 21:04:55 +00:00
Renovate Bot
d61b023269
chore(deps): update node.js to v14.19.0
2022-02-01 23:18:09 +00:00
Renovate Bot
ec62e62247
chore(deps): update node.js to v14.18.3
2022-01-11 01:51:18 +00:00
Renovate Bot
debd66dee5
chore(deps): update node.js to v14.18.2
2021-11-30 19:51:30 +00:00
Renovate Bot
99c1039b4d
chore(deps): update node.js to v14.18.1
2021-10-17 14:11:14 +00:00
David Alpert
0681a7b1d3
chore(node-version): move node spec to .node-version ( #1034 )
...
placing the required node version in a .node-version
file allows it to be read programatically by node
version managers like nodenv, asdf, etc
2021-10-17 15:26:59 +02:00